Using Certificate Express Logon
When starting a session using Certificate Express Logon, the client establishes an SSL client authentication session with the tn3270 server. During the logon process, a macro with the Certificate Express Logon information is played. Once the session is established, the Z and I Emulator for Web client sends the application ID for the application that the user is accessing to the tn3270 server. This information is contained in the logon macro. The tn3270 server uses the client's certificate information from the SSL connection and the application ID received from the client, and requests the user ID and passticket (a temporary password) from the host access control program (such as RACF).
The Z and I Emulator for Web client uses the macro function to put predefined substitute strings in the user ID and password fields. The tn3270 server substitutes the user ID and passticket in the appropriate place in the 3270 datastream. The logon is completed.
Related topics:
- Express Logon overview
- Telnet servers that support Certificate Express Logon
- Before configuring Certificate Express Logon
- Configuring Certificate Express Logon
- Recording multiple user IDs for a Certificate Express Logon macro
- Distributing a Certificate Express Logon macro
- Certificate Express Logon macro limitations
- Certificate Express Logon problem determination
- Web Express Logon Reference